  • 'use strict';
    import Secure from './secured.js';
    // import * as jose from 'jose';  // per la gestione del token
    // const axios = require("axios").default;
    
    
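    // Authorization-code + PKCE flow, browser side.
    // Without a fragment the page prepares the login link; with a fragment it
    // is handling the redirect back from the authorization server.
    const mySecure = new Secure();

    const uri = window.location.toString();

    if (!uri.includes('#')) {
        // Fill the placeholders of the login link with this session's PKCE
        // code challenge and state.
        // NOTE(review): assumes codeChallenge and state are URL-safe
        // (e.g. base64url) - confirm in secured.js.
        const a = document.getElementById("my-link");
        a.href = a.href.replace("$MY_CODE_CHALLENGE", mySecure.codeChallenge).replace("$MY_STATE", mySecure.state);
        // Remember the state sent with the authorization request and the
        // verifier needed later for the token request.
        sessionStorage.setItem("stateSent", mySecure.state);
        sessionStorage.setItem("codeVerifier", mySecure.codeVerifier);
    }
    else {
        // The URI looks like localhost:3000/secured# followed by parameters.
        // Look parameters up by name: relying on their position breaks as soon
        // as the server adds or reorders one, and could end up treating an
        // unrelated parameter as the authorization code.
        const fragment = new URLSearchParams(uri.slice(uri.indexOf('#') + 1));
        const uriState = fragment.get('state');
        const uriAuthCode = fragment.get('code');

        // State and verifier are single-use: read them once, then drop them so
        // a reload or a later script cannot reuse them.
        const stateSent = sessionStorage.getItem("stateSent");
        const codeVerifier = sessionStorage.getItem("codeVerifier");
        sessionStorage.removeItem("stateSent");
        sessionStorage.removeItem("codeVerifier");

        // Keep the authorization code out of the address bar and of the
        // session history once it has been read.
        window.history.replaceState(null, '', window.location.pathname + window.location.search);

        const body = document.getElementById('body-id');
        body.textContent = "";
        if (!stateSent || stateSent !== uriState || !uriAuthCode || !codeVerifier) {
            // Missing or mismatching state (possible CSRF / mixed-up response),
            // or nothing to exchange: never call the token endpoint.
            body.textContent = `Errors in the request!`;
        }
        else {
            // POST to the token endpoint to exchange the code for tokens.
            // NOTE(review): plain http is only acceptable against a local
            // development server; use https everywhere else.
            const url = 'http://localhost:8080/realms/test00/protocol/openid-connect/token';

            try {
                const response = await fetch(url, {
                    method: 'POST',
                    headers: {
                        'Content-type':'application/x-www-form-urlencoded'
                    },
                    body: new URLSearchParams({
                        grant_type: 'authorization_code',
                        client_id: 'myclient',
                        code_verifier: codeVerifier,
                        code: uriAuthCode,
                        redirect_uri: 'http://localhost:3000/secured'
                    })
                });
                if (!response.ok) {
                    throw new Error(`Token endpoint returned HTTP ${response.status}`);
                }
                const token = await response.json();
                // Log only the field names: token values are bearer
                // credentials and must not end up in the console.
                console.log('Token response received, fields:', Object.keys(token));

                // TODO: work out how to request the refresh token.
                // TODO: GET /secured/domains to fetch all the information the
                // domain manager has about my domains.
            } catch (err) {
                console.error('Token request failed:', err.message);
                body.textContent = `Errors in the request!`;
            }
        }
    }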
    
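    /**
     * Returns the value of a single `name=value` pair.
     *
     * The pair is split at the first `=` only, so values that themselves
     * contain `=` (for example base64 padding) are returned whole, and the
     * value is percent-decoded. If decoding fails the raw value is returned.
     *
     * @param {string} queryString a pair of the form parameter=value.
     * @returns {string|undefined} the value of the parameter, or undefined
     *     when the input is not a string or contains no `=`.
     */
    function queryStringGetValue(queryString) {
        // A missing parameter reaches this function as undefined; report "no
        // value" instead of throwing on .split()/.indexOf().
        if (typeof queryString !== 'string') {
            return undefined;
        }
        const separatorIndex = queryString.indexOf('=');
        if (separatorIndex === -1) {
            return undefined;
        }
        const rawValue = queryString.slice(separatorIndex + 1);
        try {
            return decodeURIComponent(rawValue);
        } catch {
            // Malformed percent-encoding: hand back the raw text so that the
            // caller's comparison simply fails.
            return rawValue;
        }
    }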